Probably a good idea to cc: this to the kernel list :-)
I suspect it's intentional but with the planned changes for iptables
etc to be backed by bpf in the upstream kernel sometime in the future
it's likely going to need to be reviewed.
Peter
On Tue, Aug 7, 2018 at 10:25 PM, Timothée Ravier
Booting Fedora with Secure Boot enabled will result in Lockdown being enabled
at boot time. This will completly disable the BPF system call for all users
[1][2].
Unfortunately, this breaks the IPAddressAllow & IPAddressDeny systemd feature
[3][4][5].
I don't have a solution for this, but as